Latest Internet & Cybersecurity News
ShinyHunters Claims Hack of Canvas LMS, Impacting 9,000+ Schools
Hacking group ShinyHunters took responsibility for a cyberattack on Canvas, disrupting access for thousands of schools during final exams. The breach allegedly accessed student IDs, emails, names, and messages, with the platform back online after 4 days of undetected intrusion.
Canvas Cyberattack Exposes Billions of Private Messages and Records
ShinyHunters claimed to have stolen billions of private messages and records from Canvas, used by nearly 9,000 schools and universities. The outage forced exam delays and improvised access for teachers. Instructure reports most users can now log in, but data compromise questions linger.
Massive Canvas Hack Affects 275 Million Users Worldwide
ShinyHunters stole 3.5 terabytes of student data including names, emails, IDs, and private messages from Canvas, threatening public release without ransom. Universities like Harvard and Columbia extended deadlines; impacts span US states and countries like UK, Australia. Instructure says passwords and financial data untouched.
PAN-OS RCE Exploit Under Active Use, Enabling Root Access
Palo Alto Networks' PAN-OS faces an actively exploited RCE vulnerability allowing root access and espionage, likely by a Chinese state-sponsored group. Fixes expected May 13; customers urged to restrict PAN-OS authentication portal access.
Polish Intelligence Warns of Hackers Targeting Water Treatment Systems
Polish intelligence reported hackers attacking water treatment control systems, posing risks to operations continuity. Activity linked to intensified hostile actions from Russia, though no specific group named.
Ivanti EPMM Fingerprints Exposed on Over 850 IP Addresses Online
Shadow Server tracks over 850 exposed Ivanti EPMM instances, mostly in Europe and North America, following prior vulnerabilities. Internet security watchdog highlights ongoing risks from these exposures.
Canvas Breach Disrupts Global Education During Exam Season
The Canvas hack by ShinyHunters affected schools in multiple countries including North Carolina public systems, California, UK, New Zealand, forcing exam rescheduling at major universities. Company detected intruders after 4 days.
Instructure CISO Confirms Canvas Data Breach Scope
Instructure's chief information security officer stated the ShinyHunters breach involved student ID numbers, email addresses, names, and messages, but no passwords or financial info. Platform restored after global outage.
ShinyHunters Threatens to Leak 3.5TB Canvas Data Unless Ransom Paid
The group claims acquisition of 3.5TB sensitive data from Canvas, impacting 275M users, and demands ransom to prevent public dump. Attack hit during peak exam period worldwide.
Cybersecurity Analysts Track ShinyHunters' 4-Day Undetected Canvas Intrusion
Analysts note ShinyHunters lurked in Canvas systems for about 4 days pre-detection, potentially longer, amid outage affecting tens of thousands studying for finals.